By Stephanie Cuomo, RN, Senior Risk Management & Patient Safety Specialist at CAP
As the popularity of Electronic Health Records (EHRs) has risen, so has the confusion surrounding the Electronic Signature. The following excerpts from the California Physicians Legal Handbook (CPLH) are intended to address a few of the issues regarding the Electronic Signature. For more comprehensive information, please consult the CPLH, published by the California Medical Association, or your risk management specialist.
On October 1, 2000, the “eSign Law” was enacted, thus eliminating the legal barriers to the use of Electronic Signatures. This federal law is a permissive law, allowing the use of Electronic Signatures, but not mandating their use in any way.
An Electronic Signature is defined by law as, “An electronic sound, symbol, or process, attached to or logically associated with a contract or other record and executed or adopted by a person with the intent to sign the record” (15 U.S.C. §7006, Civil Code 1633.2(h)). A Digital Signature is a type of Electronic Signature that uniquely identifies the signatory and authenticates the digital message or document with a digital code. There are different types of Digital Signatures, but the technology is designed to use encryption techniques to perform two tasks:
- Guarantee the identity of the sender; and
- Provide assurance that the document has not been altered in transit, ensuring that the author and signer are agreeing to the same terms.
Under eSign, electronic records can be substituted for written records if the records are accurate, remain available to all who have the right to see them, and can be reproduced for later reference. Again, there are no federal laws mandating Electronic Signatures, Digital Signatures, or electronic records, and certain transactions are excluded from the eSign law.
The effects of this technology will be dramatic as more providers and institutions transition to EHR systems and transmit health care information electronically. Vital to the success of this level of communication will be putting the proper security measures in place to assure the authentication of the user’s identity, the integrity and confidentiality of the message, and what is called “non-repudiation.” Non-repudiation ensures that the sender cannot later deny sending the message.
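The two tasks of a Digital Signature and the non-repudiation property described above, shown as an added Go example that is not part of the original article or the CPLH. It assumes Ed25519 as the signature scheme and HMAC-SHA-256 as a shared-key contrast; the article names neither, and the record text and shared key are constructed.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/hmac"
	"crypto/sha256"
	"fmt"
)

// Constructed sample record, not real patient data.
var note = []byte("2024-01-01 Dr. A. Example: amoxicillin 500 mg three times daily")

// VerifyNote is true only if sig was made over exactly these bytes by the
// holder of the private key matching pub (sender identity plus integrity).
func VerifyNote(pub ed25519.PublicKey, record, sig []byte) bool {
	return ed25519.Verify(pub, record, sig)
}

// MACNote tags a record with a key that sender and receiver both hold.
func MACNote(shared, record []byte) []byte {
	m := hmac.New(sha256.New, shared)
	m.Write(record)
	return m.Sum(nil)
}

// Demo reports: original verifies, altered copy verifies, wrong signer
// verifies, and whether the receiver alone can produce a valid shared-key tag.
func Demo() (original, altered, wrongSigner, receiverForgesMAC bool) {
	pub, priv, err := ed25519.GenerateKey(nil) // nil selects crypto/rand
	if err != nil {
		panic(err)
	}
	otherPub, _, err := ed25519.GenerateKey(nil)
	if err != nil {
		panic(err)
	}
	sig := ed25519.Sign(priv, note)
	changed := bytes.Replace(note, []byte("500 mg"), []byte("5000 mg"), 1)
	original = VerifyNote(pub, note, sig)
	altered = VerifyNote(pub, changed, sig)
	wrongSigner = VerifyNote(otherPub, note, sig)
	// The receiver holds the same key, so a valid tag does not show who wrote it.
	shared := []byte("constructed shared key")
	receiverTag := MACNote(shared, changed)
	receiverForgesMAC = hmac.Equal(receiverTag, MACNote(shared, changed))
	return
}

func main() {
	fmt.Println(Demo()) // true false false true
}
```

Because both parties hold the HMAC key, either one could have produced the tag, so only the public-key signature gives a third party evidence of who signed.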
The use of this technology may increase the risk for potential medical errors, as well as opportunities for fraud. Naturally, those risks will vary with the nature of the transaction. It is critically important that the issues of authentication, message integrity and confidentiality, and non-repudiation be addressed and solved before the physician adopts Electronic Signatures for any critical communications in which a patient’s individually identifiable protected health information is involved.
Medicare will accept an Electronic Signature for medical review purposes but will not accept the use of a physician’s signature stamp. And, although the U.S. Department of Health and Human Services has proposed Electronic Signature Standards, currently none have been put in place. In the absence of such standards, physicians must ensure that any Electronic Signature used will result in a legally binding contract under applicable state or federal laws. The HIPAA Security Rule requires all covered entities to ensure the confidentiality, integrity, and availability of all electronic protected health information. It does not, however, mandate the use of Digital Signatures and the resulting benefits of that level of encryption. The various government agencies concerned with the eSign Law and HIPAA continue to work on harmonizing the two laws.
About The Cooperative of American Physicians
The Cooperative of American Physicians, Inc., established in 1975, offers medical professional liability protection and risk management services to nearly 12,000 of California’s finest physicians. In 2013, CAP organized CAPAssurance, a Risk Purchasing Group, to bring liability insurance coverage to member hospitals, health care facilities, and large medical groups.